Search Results

Search found 639 results on 26 pages for 'signing'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 21/26 | < Previous Page | 17 18 19 20 21 22 23 24 25 26  | Next Page >

  • ActiveX not working properly with default security settings

    - by Ummar
    I have written an ActiveX control in C# and have made it working using regasm command, and it works fine as long as the security level is set to low.. Then as a next step I have made a .cab installer (ICD - Internet component downloader), and have signed my .cab file and ActiveX .dll file with a test certificate. when I hit the html page from my browser the installation parts works fine with default security settings of IE, but at the end it seems that nothing is installed and a red cross is shown on place of ActiveX. Moreover I have explored the Download Program Files folder under Windows directory, in status column it is showing word "unknown". while it is "installed" for all other activeX. what may be the problem. Moreover if i use the regasm command to register the assembly it works fine, and I have signed the ActiveX but still I have to move the security bar to low in my browser setting? why it is so? then what is the purpose of signing? I have used RegisterServer=yes in my .inf file Please let me know, if some one has gone through this problem already?

    Read the article

  • Getting entitlement warning while building an Ad Hoc Distribution Bundle for an Iphone App.

    - by nefsu
    I followed Apple's instructions on how to create an Ad Hoc Distrubution bundle but I keep getting what appears to be a fatal Warning during the build process. As per the instructions, I set the signing identity to my distribution profile at the target (instead of the project), created my Entitlement.plist file and unchecked get-task-allow, linked this file to my target and run the build in distribution for device mode. When I do that, the build completes successful but only after giving the following warning. [WARN]CodeSign warning: entitlements are not applicable for product type 'Application' in SDK 'Device - iPhone OS 3.1.2'; ignoring... The last step in the build is the CodeSign and I've noticed that although it ran without errors, it's missing the --entitlement command line option that is given on the official apple instruction guide. Here is my CodeSign line /usr/bin/codesign -f -s "iPhone Distribution: My Name" --resource-rules=/Volumes/Data/projects/xcode/MyAppName/build/Distribution-iphoneos/MyAppName.app/ResourceRules.plist /Volumes/Data/projects/xcode/MyAppName/build/Distribution-iphoneos/MyAppName.app And here is apple's screen shot of what's expected. Can someone please help me figure out if this is something I'm doing wrong because much to my dismay even the dev forum at apple has very little information on this CodeSign warning.

    Read the article

  • dialing on iphone/ipod touch not working with documented procedures

    - by dave
    I'm trying to set up an iphone app to the phone number of a various sports store using the tel:// url passing method- I am developing on an ipod touch- usually on the touch you see the error message "Unsupported URL - This URL wasn't loaded tel://99887766" when you try and dial a number. I cant get this message to appear on the simulator or the ipod touch. do I need to do some sort of fancy signing before the app will dial properly? I am using this code: [[UIApplication sharedApplication] openURL:[NSURL URLWithString:[NSString stringWithFormat:@"tel:%@", [selectedBar phoneNumber]]]]; and I've tried adding the slashes: [[UIApplication sharedApplication] openURL:[NSURL URLWithString:[NSString stringWithFormat:@"tel://%@", [selectedBar phoneNumber]]]]; but neither work. I have also tried this way: [[UIApplication application] openURL:[NSURL URLWithString:@"tel://99887766"]]; and this way: NSMutableString *phone = [[@"+ 12 34 567 89 01" mutableCopy] autorelease]; [phone replaceOccurrencesOfString:@" " withString:@"" options:NSLiteralSearch range:NSMakeRange(0, [phone length])]; [phone replaceOccurrencesOfString:@"(" withString:@"" options:NSLiteralSearch range:NSMakeRange(0, [phone length])]; [phone replaceOccurrencesOfString:@")" withString:@"" options:NSLiteralSearch range:NSMakeRange(0, [phone length])]; NSURL *url = [NSURL URLWithString:[NSString stringWithFormat:@"tel:%@", phone]]; [[UIApplication sharedApplication] openURL:url]; No matter what i do i can't get any response from the simulator / ipod touch that it is dealing with a phone number- When I press the button associated with this code, it doesnt crash, it's like its processed it and decided not to do anything. i even put an NSLog(@"button called"); in just before the code to confirm the button was working, which it is.

    Read the article

  • Is there only one distribution certificate per team leader or one per application?

    - by dbonneville
    I'm confused by the dev and dist cert. I got one app in the store, but I named my certs after my first app. Was this a mistake? I'm ready to go on my second app. But XCode is selected the dist cert with the old app name on it. It built without error. Though I named it wrong, will it still work? XCode is automatically picking this cert for me. Is this right? You need a new app ID for each app so you can 1) put in plist, 2) put in code signing section on Build tab of Target info, but you don't need a new dev and dist cert for each new app. Therefore is this right too? For each app you develop, you only need your original dev and dist cert, but a new app ID for each app. This is so obscure! I wish apple had done a better job!

    Read the article

  • How do I sign requests reliably for the Last.fm api in C#?

    - by Arda Xi
    I'm trying to implement authorization through Last.fm. I'm submitting my arguments as a Dictionary to make the signing easier. This is the code I'm using to sign my calls: public static string SignCall(Dictionary<string, string> args) { IOrderedEnumerable<KeyValuePair<string, string>> sortedArgs = args.OrderBy(arg => arg.Key); string signature = sortedArgs.Select(pair => pair.Key + pair.Value). Aggregate((first, second) => first + second); return MD5(signature + SecretKey); } I've checked the output in the debugger, it's exactly how it should be, however, I'm still getting WebExceptions every time I try. Here's my code I use to generate the URL in case it'll help: public static string GetSignedURI(Dictionary<string, string> args, bool get) { var stringBuilder = new StringBuilder(); if (get) stringBuilder.Append("http://ws.audioscrobbler.com/2.0/?"); foreach (var kvp in args) stringBuilder.AppendFormat("{0}={1}&", kvp.Key, kvp.Value); stringBuilder.Append("api_sig="+SignCall(args)); return stringBuilder.ToString(); } And sample usage to get a SessionKey: var args = new Dictionary<string, string> { {"method", "auth.getSession"}, {"api_key", ApiKey}, {"token", token} }; string url = GetSignedURI(args, true); EDIT: Oh, and the code references an MD5 function implemented like this: public static string MD5(string toHash) { byte[] textBytes = Encoding.UTF8.GetBytes(toHash); var cryptHandler = new System.Security.Cryptography.MD5CryptoServiceProvider(); byte[] hash = cryptHandler.ComputeHash(textBytes); return hash.Aggregate("", (current, a) => current + a.ToString("x2")); }

    Read the article

  • WCF service consuming passively issued SAML token

    - by Neillyboy
    What is the best way to pass an existing SAML token from a website already authenticated via a passive STS? We have built an Identity Provider which is issuing passive claims to the website for authentication. We have this working. Now we would like to add some WCF services into the mix - calling them from the context of the already authenticated web application. Ideally we would just like to pass the SAML token on without doing anything to it (i.e. adding new claims / re-signing). All of the examples I have seen require the ActAs sts implementation - but is this really necessary? This seems a bit bloated for what we want to achieve. I would have thought a simple implementation passing the bootstrap token into the channel - using the CreateChannelActingAs or CreateChannelWithIssuedToken mechanism (and setting ChannelFactory.Credentials.SupportInteractive = false) to call the WCF service with the correct binding (what would that be?) would have been enough. We are using the Fabrikam example code as reference, but as I say, think the ActAs functionality here is overkill for what we are trying to achieve.

    Read the article

  • Xcode "Build and Archive" from command line

    - by Dan Fabulich
    Xcode 3.2 provides an awesome new feature under the Build menu, "Build and Archive" which generates an .ipa file suitable for Ad Hoc distribution. You can also open the Organizer, go to "Archived Applications," and "Submit Application to iTunesConnect." Is there a way to use "Build and Archive" from the command line (as part of a build script)? I'd assume that xcodebuild would be involved somehow, but the man page doesn't seem to say anything about this. UPDATE Michael Grinich requested clarification; here's what exactly you can't do with command-line builds, features you can ONLY do with Xcode's Organizer after you "Build and Archive." You can click "Share Application..." to share your IPA with beta testers. As Guillaume points out below, due to some Xcode magic, this IPA file does not require a separately distributed .mobileprovision file that beta testers need to install; that's magical. No command-line script can do it. For example, Arrix's script (submitted May 1) does not meet that requirement. More importantly, after you've beta tested a build, you can click "Submit Application to iTunes Connect" to submit that EXACT same build to Apple, the very binary you tested, without rebuilding it. That's impossible from the command line, because signing the app is part of the build process; you can sign bits for Ad Hoc beta testing OR you can sign them for submission to the App Store, but not both. No IPA built on the command-line can be beta tested on phones and then submitted directly to Apple. I'd love for someone to come along and prove me wrong: both of these features work great in the Xcode GUI and cannot be replicated from the command line.

    Read the article

  • Opa app does not load in Internet Explorer when compiled with Opa 1.1.1

    - by Marcin Skórzewski
    I did a minor update to the already working application and then had problems using new version of Opa compiler. First problem - runtime exception Since the original deployment Opa 1.1.1 has been released and it resulted in error: events.js:72 throw er; // Unhandled 'error' event ^ Error: listen EADDRINUSE at errnoException (net.js:901:11) at Server._listen2 (net.js:1039:14) at listen (net.js:1061:10) at Server.listen (net.js:1127:5) at global.BslNet_Http_server_init_server (/opt/mlstate/lib/opa/stdlib/server.opp/serverNodeJsPackage.js:223:1405) at global.BslNet_Http_server_init_server_cps (/opt/mlstate/lib/opa/stdlib/server.opp/serverNodeJsPackage.js:226:15) at __v1_bslnet_http_server_init_server_cps_b970f080 (/opt/mlstate/lib/opa/stdlib/stdlib.qmljs/stdlib.core.web.server.opx/main.js:1:175) at /opt/mlstate/lib/opa/stdlib/stdlib.qmljs/stdlib.core.web.server.opx/main.js:440:106 at global.execute_ (/opt/mlstate/lib/opa/static/opa-js-runtime-cps/main.js:19:49) at /opt/mlstate/lib/opa/static/opa-js-runtime-cps/main.js:17:78 I decided to build Opa from sources and it helped, but another problem occurred :( Second problem - stops to support the IE Application stopped to work in Internet Explorer. I tried two different machines (Windows XP and 7) with IE 8 and 10. Web page does not load at all (looks like the network problem, but the same URL works fine in Firefox). I confirmed the same problem with "Hello world" from the Opa tutorial compiled with both Opa stable 1.1.1 and build from sources. I suspected that the problem is due to Node.js update (Opa = 1.1.1 requires Node 0.10.* - now I am using 0.10.12, but I also tried other 0.10-s), but "Hello world" from the Node's from page works fine. I am running the app on OSX developer box and Linux Debian 7.0 server. Any suggestions what am I doing wrong? PS. I was off the business for a while. Anyone knows what happened to the Opa forum? Signing is seams not to work.

    Read the article

  • Parameters lost on login form submitted with post in JBoss

    - by Supowski
    My login page contains two forms: one for logging in and one for signing up. Shorten like this: <form name="LoginForm" id="LoginForm" method="post" action="j_security_check" > <input type="text" name="j_username" /> <input type="text" name="j_password" /> <input type="submit" value="Sing In" /> <form> <form name="SignUpForm" id="SignUpForm" method="post" action="/homepage" > <input type="text" name="loginName" /> <input type="password" name="password1" /> <input type="password" name="password2" /> <input type="submit" value="Sing Up" /> <form> I If 'Sing Up', than values of input are lost during processing and not passed into my Servlet. It works fine with GET, but than there is password in URL, so it's not the right solution :) Similar problem has been posted to community.jboss.org, but with no response: http://community.jboss.org/message/7150#7150. I'm using JBoss 4.3eap. Any help?

    Read the article

  • How to install previously-archived apps from xcode organizer to my iphone

    - by Ben Clayton
    Hi all. Xcode keeps an archive of all the versions of my apps that I've submitted to the app store in the 'archived applications' section. I assumed using this I could install an old version of an app to my device, in order to reproduce any problems my client may have had with that particular version. However, when I try to do this I get an error: 'this executable was signed with invalid entitlements, the entitlements specified in your applications code signing entitlements do not match those specified in your provisioning profile' The original app was signed using our App Store distribution certificate, and I use the Organizer interface to re-sign it using our Developer profile. select the archived app select the version I want to test click 'share' select 'iphone developer' next to identity save to disk (saves the ipa file) then copy the ipa to the device using the little + button you see next to 'applications' on the screen you get when you select the connected device. Then I get the error, and the app isn't installed. Is there something obvious I'm doing wrong here? Or is there a different process to re-install an archived app to my device? Thanks,

    Read the article

  • Using an SHA1 with Microsoft CAPI

    - by Erik Jõgi
    I have an SHA1 hash and I need to sign it. The CryptSignHash() method requires a HCRYPTHASH handle for signing. I create it and as I have the actual hash value already then set it: CryptCreateHash(cryptoProvider, CALG_SHA1, 0, 0, &hash); CryptSetHashParam(hash, HP_HASHVAL, hashBytes, 0); The hashBytes is an array of 20 bytes. However the problem is that the signature produced from this HCRYPTHASH handle is incorrect. I traced the problem down to the fact that CAPI actually doesn't use all 20 bytes from my hashBytes array. For some reason it thinks that SHA1 is only 4 bytes. To verify this I wrote this small program: HCRYPTPROV cryptoProvider; CryptAcquireContext(&cryptoProvider, NULL, NULL, PROV_RSA_FULL, 0); HCRYPTHASH hash; HCRYPTKEY keyForHash; CryptCreateHash(cryptoProvider, CALG_SHA1, keyForHash, 0, &hash); DWORD hashLength; CryptGetHashParam(hash, HP_HASHSIZE, NULL, &hashLength, 0); printf("hashLength: %d\n", hashLength); And this prints out hashLength: 4 ! Can anyone explain what I am doing wrong or why Microsoft CAPI thinks that SHA1 is 4 bytes (32 bits) instead of 20 bytes (160 bits).

    Read the article

  • Big problems on iPhone ad hoc build -

    - by phil swenson
    No matter what I do I can't get my ad hoc provisioning profile to work. In Organizer, I always get "A valid signing identity matching this profile cannot be found in your keychain" for my adhoc profile. I have my distribution cert installed in my login keychain. I dragged the adhoc mobileprovision file to XCode... that's pretty much all there is to it, right? I searched around and found suggestions like re-creating the cert/profile. Did that, same thing. Also make sure your login keychain is default. It is. Even tried a different computer. Same result. In XCode AdHoc target I don't have a distribution target to pick. This all used to work, but obviously I messed something up..... Perhaps my process is just wrong (it's been months since I did this). Does someone have a step by step list of how to set up for adhoc distribution?

    Read the article

  • How to handle images better in Android

    - by primal
    In the microblogging application I am developing I wish to show an user image beside each post in the timeline. The images are small in size(max 50*50 dip) and are not more than 10 in number. I've two approaches in my mind. 1) Allow user to chose an image from Gallery on signing up. Send the image to the server and on subsequent signups load the image from the server. I'm worried whether this approach is doing too much unnecessary work. 2) The same method is same as above in first step but this time the image is not send to the server but a key value associated with the image is sent to the server. On subsequent signups, after obtaining the key from the server the specific image is loaded from gallery. I am not sure whether the second approach is possible. Any corrections on this aspect would be much appreciated. Also, Is it possible to store an image in SharedPreferences? Any new approach to handle this problem better are welcome.

    Read the article

  • What caused the rails application crash?

    - by so1o
    I'm sure someone can explain this. we have an application that has been in production for an year. recently we saw an increase in number of support requests for people having difficulty signing into the system. after scratching our head because we couldn't recreate the problem in development, we decided we'll switch on debug logger in production for a month. that was june 5th. application worked fine with the above change and we were waiting. then yesterday we noticed that the log files were getting huge so we made another change in production config.logger = Logger.new("#{RAILS_ROOT}/log/production.log", 50, 1048576) after this change, the application started crashing while processing a particular file. this particular line of code was RAILS_DEFAULT_LOGGER.info "Payment Information Request: ", request.inspect as you can see there was a comma instead of a plus sign. this piece of code was introduced in Mar. the question is this: why did the application fail now? if changing the debug level caused the application to process this line of code it should have started failing on june 5th! why today. please someone help us. Are we missing the obvious here? if you dont have an answer, at least let us know we aren't the only one that are bonkers.

    Read the article

  • Bizarre Bug with our Rails app in IE

    - by Callmeed
    We're experiencing a really bizarre bug in our Rails 2.3.4 app. This bug only happens in Internet Explorer (7 and 8). Here's what happens: A new customer creates an account at https://domain.com/signup/free (notice no subdomain) Their account is identified by a subdomain like "example.domain.com" After signing up, they get a welcome screen with a link to their account's home page They follow the link, then click the "log in" button and attempt to login Even though they provide valid credentials, the app redirects back to their account's root url ... they can never reach their admin area The only way they can login (on IE) is by quitting and re-opening IE ... then it works fine ... Something with their initial session is preventing them from logging in. If it matters, we are using restful_authentication and the ssl_requirement plugin ... I'm not sure if one or both of those has a problem with IE but we are stumped here. Also, I've read IE has an issue with subdomains that contain underscores ... this isn't what's going on.

    Read the article

  • Is there any other way of using signed applets

    - by 640KB
    Hi There, If I want to deploy high privileged applets they need to be signed. For that a certificate is created and then a jar file is signed with a jarsigner. After that in the HTML code one has to specify code,codebase AND archive (jar) which we signed before. However I wrote a servlet which acts as two things: it sits at the URL pointed by the codebase and serves class bytecode to the applet. The same servlet also uses serialization to communicate with the applet whereby whenever the applet gets a class it does not know it goes to the codebase which ends up back at the servlet. Almost like a mini RMI setup but simpler. I hope you can see the power in this. Unfortunately for signed applets one needs the archive. Now the servlet is also able to load a Certificate object and can send it to the applet too. So here is the setup: At one point the applet receives class bytecode and it also has the Certificate. It would be nice if the applet could instantiate all received classes using that certificate (otherwise code from jar is signed and outside is not which prompts nasty messages to the user). So my question to you fine Java aficionados: Would there by any way for me to use the bytecode data and the Certificate to instantiate the class as a signed object so that the plugin pops the Security dialog, accepts teh certificate and elevates the object's privileges. What I could find is that the there is a class CodeSource that accepts codebase URL and certificate and is essential to the signing process. What I am not sure is how one could intercept the class loading inside applets to install additional certificates not obtained through a JAR file via archive. What do you say? Thanks a bunch.

    Read the article

  • What is the appropriate HTML 5 element for a hero unit/showcase?

    - by deb
    A lot of marketing and content-heavy sites showcase the page's primary content using large text and/or images, sometimes with a slider, containing a call to action for signing up for a service, or downloading an app, etc.. I'm not sure what this design element is called, I got the term hero unit from twitter bootstrap: http://twitter.github.com/bootstrap/components.html#typography I think most of you know what I'm trying to describe... If it's not clear I can add screenshots or links to this question. I looked at a few different sites, and some put this hero unit inside a ASIDE element, others use SECTION, ARTICLE and even HEADER. Using twitter bootstrap as an example again: <header class="jumbotron masthead"> <div class="inner"> <h1>Bootstrap, from Twitter</h1> <p>Simple and flexible HTML, CSS, and Javascript for popular user interface components and interactions.</p> <p class="download-info"> Is HEADER the most appropriate tag for this type of content? Or should I use ASIDE, ARTICLE or SECTION?

    Read the article

  • Unknown and unreproducible crash causes App Store rejection

    - by Daniel Johnson
    After submitting our application several times, we continue to receive the following response: Thank you for submitting My App to the App Store. We've reviewed your application and determined that we cannot post this version of your iPad application to the App Store because My App is crashing on iPad running iPhone OS 3.2 and Mac OS X 10.6.2. My App crashes upon launch. Unfortunately, crash logs have not been generated. However, resigning the same build with the AdHoc entitlements and loading the build onto the device yields no such crash. After a number of attempts, the application simply does not crash as reported by the reviewer. Furthermore, the reviewer does not provide any useful logging that may have been generated by SpringBoard such as an exit status or event if it had worked properly for any other device. There are no calls to explicitly exit or quit the application in the code line and yet the application terminates on startup. What might cause an application to terminate in such a manner? Under what conditions is an application tested that might not be found under a development environment? Could it be a result of a signing issue that the submission validation system is simply unable to catch? Thanks in advance.

    Read the article

  • Digitally sign MS Office (Word, Excel, etc..) and PDF files on the server

    - by Sébastien Nussbaumer
    I need to digitally sign MS Office and PDF files that are stored on a server. I really mean a digital signature that is integrated in the document, according to each specific file formats. This is the process I had in mind : Create a hash of the file's content Send the hash to a custom written java applet in the browser The user encrypts the hash with his/her private key (on an usb token via PKCS#11 for example), thus effectively signing the file. The applet then sends the signature to the server On the server I would then incorporate the signature in the file's (MS Office and PDF files can do that without changing the file's content, probably by just setting some metadata field) What is cool is that you never have to download and upload the complete file to the server again. What is even cooler, the customer doesn't need Office or PDF Writer to sign the files. Parts 2, 3 and 4 are OK for me, my company bought all the JAVA technology I need for that for a previous project I worked on. Problem : I can't seem to find any documentation/examples to do parts 1 and 5 for Office files . Are my google skills failing me this time ? Do you have any pointers to documentation or examples for doing that for MS Office files ? The underlying technology isn't that important to me : I can use Java, .Net, COM, any working technology is OK ! Note : I'm 95% sure I can nail points 1 and 5 for PDF files using iText Thanks ** Edit : If I can't do that with hashes and must download the complete file to the client, it's also possible. But then I still need the documentation to be able to sign Office file... in java this time (from an applet)

    Read the article

  • Google MapView doesn't work after signed the app.

    - by user164589
    Hi guys, I am facing to android application signing problem. My application contains Google MapView. When I compile the app and run on the emulator, MapView works fine. But signed the app, MapView doesn't work. I've get Google Map API. This works on the simulator. I could sign the app once 2 months ago. Then I've upgraded the app. Now I need to sign the app again. Actually I don't know why signed app's mapView doesn't work. How to fix it ? Please advice. I used following steps when sign the app: Run Eclipse. Select the project. Right Click - Android Tools - Export Signed Application Package - Then Filled forms. (In forms, Validity years: 200, and all passwords are same.) Can you suggest me ? Thanks in advance.

    Read the article

  • GPG error occurs while using "deb file:/local-path-to-repo ..." in /etc/apt/sources.list

    - by Chandler.Huang
    I need to install packages within non-internet connection environment. My plan is to download dist structure from Internet and then add file path to /etc/apt/sources.list. So I download related structure includes ubunt/dists/precise, precise-backports, precise-proposed, precise-security, precise-updates from a ftp mirror server. And then I remove original source and add the following to my /etc/apt/sources.list. deb file:path-to-local-ubuntu-directory/ precise main restricted multiverse universe deb-src file:path-to-local-ubuntu-directory/ precise main restricted multiverse universe Then I got GPG error as following after apt-get update. root@openstack:/~# apt-get update Ign file: precise InRelease Get:1 file: precise Release.gpg [198 B] Get:2 file: precise Release [50.1 kB] Ign file: precise Release Get:3 file: precise/main TranslationIndex [3,761 B] Get:4 file: precise/multiverse TranslationIndex [2,716 B] Get:5 file: precise/restricted TranslationIndex [2,636 B] Get:6 file: precise/universe TranslationIndex [2,965 B] Reading package lists... Done W: GPG error: file: precise Release: The following signatures were invalid: BADSIG 0976EAF437D05B5 Ubuntu Archive Automatic Signing Key <[email protected]> I had tried use the following steps after google but in vain. sudo apt-get clean cd /var/lib/apt sudo mv lists lists.old sudo mkdir -p lists/partial sudo apt-get update Is there any way to resolve this? And why this error occurs? Thanks a lot.

    Read the article

  • Using an SHA1 with Micrsoft CAPI

    - by Erik Jõgi
    Hello, I have an SHA1 hash and I need to sign it. The CryptSignHash() method requires a HCRYPTHASH handle for signing. I create it and as I have the actual hash value already then set it: CryptCreateHash(cryptoProvider, CALG_SHA1, 0, 0, &hash); CryptSetHashParam(hash, HP_HASHVAL, hashBytes, 0); The hashBytes is an array of 20 bytes. However the problem is that the signature produced from this HCRYPTHASH handle is incorrect. I traced the problem down to the fact that CAPI actually doesn't use all 20 bytes from my hashBytes array. For some reason it thinks that SHA1 is only 4 bytes. To verify this I wrote this small program: HCRYPTPROV cryptoProvider; CryptAcquireContext(&cryptoProvider, NULL, NULL, PROV_RSA_FULL, 0); HCRYPTHASH hash; HCRYPTKEY keyForHash; CryptCreateHash(cryptoProvider, CALG_SHA1, keyForHash, 0, &hash); DWORD hashLength; CryptGetHashParam(hash, HP_HASHSIZE, NULL, &hashLength, 0); printf("hashLength: %d\n", hashLength); And this prints out hashLength: 4 ! Can anyone explain what I am doing wrong or why Microsoft CAPI thinks that SHA1 is 4 bytes (32 bits) instead of 20 bytes (160 bits). Thank you.

    Read the article

  • x509 certificate Information

    - by sid
    Certificate: Data: Version: 3 (0x2) Serial Number: 95 (0x5f) Signature Algorithm: sha1WithRSAEncryption Issuer: C=, O=, CN= Validity Not Before: Apr 22 16:42:11 2008 GMT Not After : Apr 22 16:42:11 2009 GMT Subject: C=, O=, CN=, L=, ST= Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (1024 bit) Modulus (1024 bit): ... ... ... Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Extended Key Usage: critical Code Signing X509v3 Authority Key Identifier: keyid: ... Signature Algorithm: sha1WithRSAEncryption a9:55:56:9b:9e:60:7a:57:fd:7:6b:1e:c0:79:1c:50:62:8f: ... ... -----BEGIN CERTIFICATE----- ... ... ... -----END CERTIFICATE----- In This Certificate, Which is the public key? is Modulus? what does the Signature Algorithm, a9:55:56:... represent (is it message digest)? And what is between -----BEGIN CERTIFICATE----- & -----END CERTIFICATE-----, is That the whole certificate? As I am novice, little bit confusing between the message digest and public key? Thanks in Advance-opensid

    Read the article

  • Storing an encrypted cookie with Rails

    - by J. Pablo Fernández
    I need to store a small piece of data (less than 10 characters) in a cookie in Rails and I need it to be secure. I don't want anybody being able to read that piece of data or injecting their own piece of data (as that would open up the app to many kinds of attacks). I think encrypting the contents of the cookie is the way to go (should I also sign it?). What is the best way to do it? Right now I'm doing this, which looks secure, but many things looked secure to people that knew much more than I about security and then it was discovered it wasn't really secure. I'm saving the secret in this way: encryptor = ActiveSupport::MessageEncryptor.new(Example::Application.config.secret_token) cookies[:secret] = { :value => encryptor.encrypt(secret), :domain => "example.com", :secure => !(Rails.env.test? || Rails.env.development?) } and then I'm reading it like this: encryptor = ActiveSupport::MessageEncryptor.new(Example::Application.config.secret_token) secret = encryptor.decrypt(cookies[:secret]) Is that secure? Any better ways of doing it? Update: I know about Rails' session and how it is secure, both by signing the cookie and by optionally storing the contents of the session server side and I do use the session for what it is for. But my question here is about storing a cookie, a piece of information I do not want in the session but I still need it to be secure.

    Read the article

  • How to Create the Upload File for Application Loader?

    - by Ohad Regev
    When I use Application Loader, I get to the point where it asks me to "Choose..." the file to be uploaded. If I understand correctly, it supposes to be the appName.app file I see under "Products" on my app bundle (I right click it and select "Show in Finder" to get to the specific file in library; then I'm supposed to ZIP it and the ZIP file is what I will choose in Application Loader). First, am I correct with this assumption? if yes... What should I define different in XCode than the way I used to build the application for testing (on simulator and on my personal iPhone)? Should I change the Info---Command-line build use from Debug to Release? How should I define the Build Settings---Code Signing section (in which field should I select the "iPhone Developer" option and in which should it be "iPhone Distribution")? Are there any other important Info/Build Settings/p.list/etc... fields I should relate to? any help will be appreciated...

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 17 18 19 20 21 22 23 24 25 26  | Next Page >